testldapserver
Use the testldapserver command to test a Lightweight Directory Access Protocol (LDAP) server.
Syntax
>>- testldapserver -- -- -delim -- delimiter -------------------> >--+-----------------------------------------------+------------> '- -username -- user_name --+-----------------+-' '-+- -password -+-' '- password --' >--+---------------------+------------------------------------->< +- ldap_server_id ----+ '- ldap_server_name -'
Parameters
- -delim delimiter
- (Optional) By default, in a concise view all columns of data are space-separated, with the width of each column set to the maximum possible width of each item of data. In a detailed view, each item of data is an individual row, and if displaying headers, the data is separated from the header by a space. The -delim parameter overrides this behavior. Valid input for the -delim parameter is a one-byte character. Enter -delim : on the command line, and the colon character (:) separates all items of data in a concise view (for example, the spacing of columns does not occur); in a detailed view, the specified delimiter separates the data from its header
- -username user_name
- (Optional) Specifies the user name to test.
- -password password
- (Optional) Specifies the password to test. You can optionally
specify the password with this parameter. If you do not specify the
password, the system prompts you for it before running the command
and does not display the password that you type.Note: The -password parameter is only valid if -username is specified. The actual password does not need to be supplied.
- ldap_server_id|ldap_server_name
- (Optional) Specifies the LDAP server ID or name to test.
Description
The testldapserver command
allows three levels of testing:
- Server connection test (issue testldapserver without supplying username or password). This verifies that a connection can be established with the server while authenticating using the configured administrator credentials according to the LDAP configuration.
- Server connection, LDAP configuration, and user authorization
test (issue testldapserver with a username). This
verifies that:
- A connection can be established with the server while authenticating using the configured administrator credentials.
- The LDAP attributes are correctly configured on the system.
- The user has been assigned a role.
- Server connection, LDAP configuration, and user authentication
test (issue testldapserver with a username and
password). This verifies that:
- A connection can be established with the server while authenticating using the configured administrator credentials.
- The user authenticates with the supplied password
No specific server errors indicates success.
Important: This command works whether or not LDAP authentication
is selected or enabled with the chauthservice command.
Table 1 provides
the attribute values that can be displayed as output view data.
Attribute | Value |
---|---|
id | LDAP server ID |
name | LDAP server name |
error | Critical server error (or success, depending on situation) encountered |
An invocation example with one LDAP server and no specific user information
testldapserver -delim ":" ldapserver1
The resulting output:
id:name:error
1:ldapserver1:CMMVC7075I The LDAP task completed successfully
An invocation example with all LDAP servers using a UPN
testldapserver -username bloggs@company.com -delim ":"
The resulting output:
id:name:error
0:ldapserver0:CMMVC6518E The task has failed because no roles
are defined for the current user on the system.
1:ldapserver1:CMMVC7075I The LDAP task completed successfully.
2:ldapserver2:CMMVC7075I The LDAP task completed successfully.